Skip to content

feat(authentication): add click to pay support for modular authentication#10004

Merged
Gnanasundari24 merged 10 commits intomainfrom
11623-add-session-and-post-authentication-call-for-modular-auth
Nov 5, 2025
Merged

feat(authentication): add click to pay support for modular authentication#10004
Gnanasundari24 merged 10 commits intomainfrom
11623-add-session-and-post-authentication-call-for-modular-auth

Conversation

@sahkal
Copy link
Contributor

@sahkal sahkal commented Oct 26, 2025
edited
Loading

Type of Change

  • New feature

Description

add click to pay support for modular authentication

Two new api's

  1. Authentication enabled session tokens
  2. Authentication Sync with new feature for preAuthn and postAuthn ctp at a single step

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

Currently modular auth doest support click to pay with this change we are adding click to pay feature into modular auth

How did you test it?

Setup Visa Click to Pay

Create merchant connector account for Ctp_visa

{

curl --location 'http://localhost:8080/account/dqwdwljildwduoqwhduwqcqwjd/connectors' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'api-key: test_admin' \
--data '
    "connector_type": "authentication_processor",
    "connector_name": "ctp_visa",
    "connector_account_details": {
        "auth_type": "NoKey"
    }
}
'

Once done,

do Authentication Create

curl --location 'localhost:8080/authentication' \
--header 'X-Profile-Id: pro_wcFayhnIqtY4jZXAd2HN' \
--header 'Content-Type: application/json' \
--header 'api-key: dev_kLSlE2JVx7KWY4XmiSYMsqTLhLfilKWOAJ2hG76BxOt5AfhKwelqamAQm7XLer5G' \
--data-raw '{
    "amount": 10,
    "currency": "EUR",
    "customer_details" : {
        "id": "sahkal",
        "name": "sahkal",
        "email": "sahkalplanet@gmail.com",
        "phone": "7001135329",
        "phone_country_code": "+91"
    },
    "acquirer_details": { 
        "acquirer_merchant_id": "00002000000",
        "acquirer_bin": "489048",
        "merchant_country_code": "356"
    },
    "authentication_connector":"ctp_visa",
    "return_url": "https://google.com"
}'

Do enabled_session_token

curl --location 'localhost:8080/authentication/authn_2l68qhChzMDeD76FE3dI/enabled_authn_methods_token' \
--header 'api-key: pk_kLSlE2JVx7KWY4XmiSYMsqTLhLfilKWOAJ2hG76BxOt5AfhKwelqamAQm7XLer5G' \
--header 'x-profile-id: pro_MO2Pw2Xyz4pkdfclApRg' \
--header 'Content-Type: application/json' \
--data '{
    "client_secret": "authn_2l68qhChzMDeD76FE3dI_secret_cE80tDWWqCgIiH6ZzUQU"
}'

Response

{
    "authentication_id": "authn_2l68qhChzMDeD76FE3dI",
    "session_token": [
        {
            "wallet_name": "click_to_pay",
            "dpa_id": "498WCF39JVQVH1UK4TGG21leLAj_MJQoapP5f12IanfEYaSno",
            "dpa_name": "TestMerchant",
            "locale": "en_AU",
            "card_brands": [
                "Mastercard",
                "Visa"
            ],
            "acquirer_bin": "545301",
            "acquirer_merchant_id": "SRC3DS",
            "merchant_category_code": "0001",
            "merchant_country_code": "US",
            "transaction_amount": "0.10",
            "transaction_currency_code": "EUR",
            "phone_number": "7001135329",
            "email": "sahkalplanet@gmail.com",
            "phone_country_code": "+91",
            "provider": "visa",
            "dpa_client_id": "TestMerchant"
        }
    ]
}

do Post Authn

curl --location 'localhost:8080/authentication/sahkal11/authn_1RWIt9lMeuBTCG7Z0WyH/sync' \
--header 'Content-Type: application/json' \
--header 'api-key: dev_kLSlE2JVx7KWY4XmiSYMsqTLhLfilKWOAJ2hG76BxOt5AfhKwelqamAQm7XLer5G' \
--data '{   
    
    "payment_method_details": {
        "payment_method_type": "ctp",
        "payment_method_data": {
            "encrypted_payload": "eyJpYXQiOjE3NjEzMzE4ODYsImFsZyI6IlJTMjU2IiwianRpIjoiT1dZeE1XUmhZall0TldVM01DMDBaalpqTFRrNVl6Z3RZakU0TlRWaE5qQXhaVGcxIiwia2lkIjoiTEtYTTBMTjhRNlI3TFdWMTlVMFcxM3NNaWI0bzU5UUVwSnpaTHlZaGl2eXJjTEVqayJ9.eyJzcmNpVHJhbnNhY3Rpb25JZCI6ImU1YTQ5ZGIyLTdjMzUtOWVkMC1mZmFlLTE0MTE0MmRiODEwMiIsImFzc3VyYW5jZURhdGEiOnsiZWNpIjoiMDYiLCJjYXJkVmVyaWZpY2F0aW9uUmVzdWx0cyI6IjIzIiwiY2FyZFZlcmlmaWNhdGlvbk1ldGhvZCI6IjAzIiwiY2FyZFZlcmlmaWNhdGlvbkVudGl0eSI6IjAyIn0sImVuY3J5cHRlZFBheWxvYWQiOiJleUpyYVdRaU9pSXhNVGd3TVRNd09USTRNalF5TWpNd09USTRObnhGVFVGSlRFRkVSRkpGVTFNOVlXdGhjMmd1YTJGdFlteGxRR3AxYzNCaGVTNXBiaXdnVDFVOVNsVlRVRUZaTENCUFBVcFZVMUJCV1N3Z1REMUNRVTVIUVV4UFVrVXNJRk5VUFV0QlVrNUJWRUZMUVN3Z1F6MUpUaUlzSW5SNWNDSTZJa3BQVTBVaUxDSmxibU1pT2lKQk1qVTJSME5OSWl3aVlXeG5Jam9pVWxOQkxVOUJSVkF0TWpVMkluMC5VVC1pY081WDBOaDRWa3dtTFNSMUZwaUp0YTdwajd4d3BQcmxJN2tZYlFLQklSdkQzTUItYkxIVmt1YnBOUUNHcGlQQ3VkWG54Z3lzb3k1V2JRSlFQYzNzRDBvcUEwS3ZwcUlRX1RwMjFxN25PTFViNFdSbktuc1Z1aFgtMEdZdG5JamxycnZNMnFnLUxZa1lOZVJFb2FuM2Y2aTZwUEtEdjhFS3B5dFFPT3A5ODVSUUpDV2hZZzVMOVhvM01kaVdDc2E0NklpQ3dNZ1YxWHg2Z1J6MllsYW81dTRFM0xNOWVEZTlmWTg4bjFlZVM5NjBsNHNNZEU1ei1xdGt4bGV4MkUyUEdRSXZFTEotbU8yRHM3ek54NGVKMXBiU3gxSXI2eHc3SG8wLXN6cUw2WDIwZTVwMjZpb2Q0dS04S00xTVRQSWNuM2hPSjdFaFBVSXpMUDJTUUEudlBtRm1XMEo5ZEZ3N01BNS5MNzF2MFRUM3AxMHh5WXN0UnVpbWZwcjU2dTBfTERNRlR2d1R3ZzJwY1JjU09yaC1HVUtMZUU2MWw0VDRwNzVsWS1hZzN2bEcyZEZDamxaRHBvUUdDUHFabEN4SGpqY1RmVklVYVBDdGVwTzdqTnF3TTBkYXJYc3VxcEFwbUZwRV91Wno4SVVaN0tXOUVjcDAwQ2ZPT2E2ckQwTGZNUG9CeGN4NjhwSUZjc0h4anBVRmVuV0hINk44RlF2RUtxMTFTcVBJdVNfWGZKSnJkRFJ1MklWNWFQamNIbjVxWjluNnp5X192MkMzTHZfRGVuQzYwLXRuYm5HaGxlZUpNVDMwQjdQQXdWaUlTN0JqU0xqbVo3c2Y1OWNMY1JZZGdyQldGTVNNOWU3dG1TczFtZERXcmVMOGFxeHpGcXd5Q3BKM01LdkVuVVoxTUpvcWdDQm11RldMQ2ZHZlBTWWNyZVBUU1ZUcV9BMnk0elJZRDlnU19GZTU3clh5OGV3eWpBMVpRVld5bGIyZmFLMTMteTgxY1RWOHVDUXhuRW12UnRSRXBtanYzZ01rcVlYRno3NU4weVctWHRfY2w1RXVuMW9WTkNORGV4Q2pqcTcwNEZBUmxzQ0ZJZ1BwU3hMTW9ROFdFRjVNMVQ2SHJ3VEIzSWp4YXRseGpocldGTGhQanVFYXZOMDNnNjJCazFHS29EZ3hRUXlQUllzbGs4TW1ya0tWTnl0X3dZZ19rZ01MMVpia19iS01nVlJaNGhoY0dnbGFlWFB2anNMN3JKS1pfRkJfN1psQVB5NjQzamU4SHE1WEFvQ041czNHZ2RQdVRmN1VPeFNyMXZsYUVFaXp1M0tENkpFR0FtbDI4aDJ0TlBZdkZSR01zN2hzWXVxX2xYMFJ3MkZEOU5ub19aRjJpcmQydjk2MzFqVHNraklNTUZla1BkTEpWSWhTdE9jRjlramZpU0l6eHc3RHUzSjV5YmJ6QnJnSk03RmFuN25ESU5saVRWemdWaGpoUG80cFpRWlBSLVgwLmZydjhZc0s0aS0zMFh6X25KTHNITnciLCJtYXNrZWRDYXJkIjp7InNyY0RpZ2l0YWxDYXJkSWQiOiJFMDhaYTkwSVRlVzhKb1J6V0owQXJ3MDAwMDAwMDAwMDAwQlkiLCJkYXRlT2ZDYXJkQ3JlYXRlZCI6IjIwMjUtMTAtMjRUMTg6NTA6NDEuODE0WiIsImRpZ2l0YWxDYXJkRGF0YSI6eyJzdGF0dXMiOiJBQ1RJVkUiLCJkZXNjcmlwdG9yTmFtZSI6Ik1hc3RlckNhcmQgVGVzdCBCYW5rIiwiYXJ0VXJpIjoiaHR0cHM6Ly9zYnguYXNzZXRzLm1hc3RlcmNhcmQuY29tL2NhcmQtYXJ0L2NvbWJpbmVkLWltYWdlLWFzc2V0LzY3MTNkNzNkLWE3MDEtNGJkMi1iYzliLTJlOTg5NDBkZTljNy5wbmciLCJhcnRIZWlnaHQiOiJudWxsIiwiYXJ0V2lkdGgiOiJudWxsIn0sInBhbkJpbiI6IjU0NTQwNSIsInBhbkV4cGlyYXRpb25Nb250aCI6IjEyIiwicGFuRXhwaXJhdGlvblllYXIiOiIyMDM0IiwicGFuTGFzdEZvdXIiOiIwMTM3IiwicGF5bWVudEFjY291bnRSZWZlcmVuY2UiOiI1MDAxNTdIOUVUOVZBOFUzVlFYSzJCS1FJSE5WUiIsInBheW1lbnRDYXJkRGVzY3JpcHRvciI6Im1hc3RlcmNhcmQiLCJwYXltZW50Q2FyZFR5cGUiOiJDUkVESVQiLCJ0b2tlbkJpblJhbmdlIjoiNTQ1NDA1MTY3IiwidG9rZW5MYXN0Rm91ciI6IjI3NjYifSwibWFza2VkQ29uc3VtZXIiOnsiZGF0ZUNvbnN1bWVyQWRkZWQiOiIyMDI0LTEyLTIzVDA3OjAxOjI3Ljg3M1oiLCJjb3VudHJ5Q29kZSI6IlVTIiwiZGF0ZUNvbnN1bWVyTGFzdFVzZWQiOiIyMDI1LTEwLTI0VDE4OjUwOjI0LjU1MVoiLCJsb2NhbGUiOiJlbl9VUyIsIm1hc2tlZENvbnN1bWVySWRlbnRpdHkiOnsiaWRlbnRpdHlQcm92aWRlciI6IlNSQyIsImlkZW50aXR5VHlwZSI6IkVNQUlMX0FERFJFU1MiLCJtYXNrZWRJZGVudGl0eVZhbHVlIjoiYSoqKioqY0BqdXNwYXkuaW4ifSwibWFza2VkRW1haWxBZGRyZXNzIjoiYSoqKioqY0BqdXNwYXkuaW4iLCJtYXNrZWRGaXJzdE5hbWUiOiJhKioqKioqKiIsIm1hc2tlZExhc3ROYW1lIjoiYyoqKioqKioqIiwibWFza2VkRnVsbE5hbWUiOiJhKioqKioqKiBjKioqKioqKioiLCJtYXNrZWRNb2JpbGVOdW1iZXIiOnsiY291bnRyeUNvZGUiOiI5MSIsInBob25lTnVtYmVyIjoiKCoqKikgKioqLSozNjgifSwic3JjQ29uc3VtZXJJZCI6IjU2YTZkNTMzLWZkYmItNDg0Yy05YzQzLTIwMjM5Y2U5YmMxMCIsInN0YXR1cyI6IkFDVElWRSJ9LCJzaGlwcGluZ0FkZHJlc3NaaXAiOiIxMDAzOCIsInNoaXBwaW5nQWRkcmVzc0NvdW50cnlDb2RlIjoiVVMiLCJjdXN0b21PdXRwdXREYXRhIjp7ImF1dGhvcml6YXRpb25zIjpbeyJ0eXBlIjoiQ1JPU1NfUFJPR1JBTV9DQVJEX0VOUk9MTE1FTlRfVE9LRU4iLCJhdXRob3JpemF0aW9uIjoiZXlKcmFXUWlPaUl5TURJek1ESXdPREE0TlRFMU55MXpZVzVrWW05NExXbGtaVzUwYVhSNUxYWmxjbWxtYVdOaGRHbHZiaTF6Y21NdGJXRnpkR1Z5WTJGeVpDMXBiblFpTENKMGVYQWlPaUpLVjFRclpYaDBMbU53WldOZmRHOXJaVzRpTENKaGJHY2lPaUpTVXpJMU5pSjkuZXlKaGRXUWlPaUpvZEhSd2N6cGNMMXd2YldGemRHVnlZMkZ5WkM1amIyMGlMQ0pwYzNNaU9pSm9kSFJ3Y3pwY0wxd3ZiV0Z6ZEdWeVkyRnlaQzVqYjIwaUxDSnpZMjl3WlVSaGRHRWlPaUo3WENKemNtTkRiR2xsYm5SSlpGd2lPbHdpTldNeU1EY3laV1l0TWpKbVlTMDBNMk01TFdFNE1qVXRPVEEyTVRRek16azNZalV4WENJc1hDSnpjbU5FYVdkcGRHRnNRMkZ5WkVsa1hDSTZYQ0pGTURoYVlUa3dTVlJsVnpoS2IxSjZWMG93UVhKM01EQXdNREF3TURBd01EQXdRbGxjSWl4Y0luTnlZMUJ5YjJkeVlXMUpaRndpT2x3aVUxSkRYQ0lzWENKemNtTkRiM0p5Wld4aGRHbHZia2xrWENJNlhDSTBaak16T1dKbE55NWhNVGs1TldJMllpMWxaalppTFRSbVlXSXRZbUUzTUMweE1HVm1aV1kxT1ROaFpHTmNJbjBpTENKelkyOXdaWE1pT2xzaVExSlBVMU5mVUZKUFIxSkJUVjlGVGxKUFRFeE5SVTVVWDBOQlVrUmZWRTlMUlU0aVhTd2laWGh3SWpveE56WTFNakU1T0RnMUxDSnBZWFFpT2pFM05qRXpNekU0T0RVc0ltcDBhU0k2SW1Zd1ltSXdaVEF3TFRGaU16TXROREkyTUMwNU5tVXhMV1ExWVdVek5tWXlOMlprTmlKOS5hVTRqZ0hOZVNzR0lkUFAxV1p4MFBtZ2ZFNkRKQWxpWDdfbEJ0Z2dZeHpoUFd1ekJ2X2wzQllJM1pVYnp4RWpYXzZSTzY3ZXFpWUJyZGxQR1NOWWNtN05wajR1dUtTQ3ZiZENCX2NWcklqUWxXWWVzejBqYlJqM1RGREc5RzdxMGs4Uk9ZWkRnMl9GdXQ0V0lrSFUwRWJydUp4R1A0bktNcFBqOTlsemtCUS1ZT25lRnNIOVdkOEJMZWhsTjRtUERMbjNnZHJPT3JTWlhIcDBLa1R2ZVFMSFB0bEVYQlBaZDFyWTJfVXp5eERtNXZDbHVfRU5SR0VFUmI2REhtcnlBc0U0NTZncnpWLXJ4Q1oyNWM0dy13TGszcHBycUJGaEJxY0UtY04teWhmVkVRbjhoM3JGWmQyV2tPWjM2dW9kTkU3M1RqVmR2dC03ZjFpLU8wM3JHSEEifV19fQ.Y4PEtz6NtxVDeVQGwvuWufgcw-sZe9TqSOMHeDrJeJfDgq7VVoCYcXbUQvhv737aCZHB5vz5f3jzv3AHzh4Tb3cUleCRFF9np430WpOQxMmyaRCZmnoXbONYUIkN7YX5LRcgxDUsjgSY-KczzEWsd19-U53v_rQS_etkbzfJ-yeEOZzG5jI4UvPoSaF5rdfdkk8Bkwo9wKWYSoMR_O9jG2K96cjjUPC1HIcLFcnqBIb9ApJJliPhO5Ua9XqI66iZe1xadiX_B7dqZAvuJ6b4cVUSqDLdNBB7OyvL4TuDJ5jKOn06NG6it47n-Tdxx-8Ahe59QSt3M0Yrxh-_l2XD9w",
            
            "provider": "visa"
        }
    }
}'

Shall result in 200 response with authn_value

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible

@semanticdiff-com
Copy link

semanticdiff-com bot commented Oct 26, 2025
edited
Loading

Review changes with  SemanticDiff

Changed Files
File Status
  crates/router/src/core/payments.rs  99% smaller
  crates/router/src/routes/lock_utils.rs  31% smaller
  crates/router/src/core/unified_authentication_service.rs  11% smaller
  crates/api_models/src/authentication.rs  6% smaller
  crates/hyperswitch_domain_models/src/merchant_connector_account.rs  3% smaller
  crates/openapi/src/openapi.rs  3% smaller
  crates/router/src/routes/authentication.rs  1% smaller
  api-reference/v1/openapi_spec_v1.json  0% smaller
  crates/common_enums/src/enums.rs  0% smaller
  crates/diesel_models/src/authentication.rs  0% smaller
  crates/diesel_models/src/schema.rs  0% smaller
  crates/diesel_models/src/schema_v2.rs  0% smaller
  crates/openapi/src/routes/authentication.rs  0% smaller
  crates/router/src/core/authentication/utils.rs Unsupported file format
  crates/router/src/core/payments/operations/payment_confirm.rs  0% smaller
  crates/router/src/db/authentication.rs  0% smaller
  crates/router/src/routes/app.rs  0% smaller
  crates/router/src/services/authentication.rs  0% smaller
  crates/router_env/src/logger/types.rs  0% smaller
  migrations/2025-10-24-082437_add-customer-details-to-authentication/down.sql Unsupported file format
  migrations/2025-10-24-082437_add-customer-details-to-authentication/up.sql Unsupported file format

@hyperswitch-bot hyperswitch-bot bot added the M-database-changes Metadata: This PR involves database schema changes label Oct 26, 2025
@codecov
Copy link

codecov bot commented Oct 26, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 0% with 62 lines in your changes missing coverage. Please review.
⚠️ Please upload report for BASE (main@a81af9d). Learn more about missing BASE report.

Files with missing lines Patch % Lines
.../router/src/core/unified_authentication_service.rs 0.00% 29 Missing ⚠️
crates/api_models/src/authentication.rs 0.00% 14 Missing ⚠️
crates/common_enums/src/enums.rs 0.00% 6 Missing ⚠️
crates/router/src/services/authentication.rs 0.00% 5 Missing ⚠️
crates/diesel_models/src/authentication.rs 0.00% 3 Missing ⚠️
crates/router/src/core/payments.rs 0.00% 3 Missing ⚠️
crates/router/src/core/authentication/utils.rs 0.00% 1 Missing ⚠️
crates/router/src/db/authentication.rs 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #10004   +/-   ##
=======================================
  Coverage        ?    3.90%           
=======================================
  Files           ?     1223           
  Lines           ?   302101           
  Branches        ?        0           
=======================================
  Hits            ?    11804           
  Misses          ?   290297           
  Partials        ?        0

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@sahkal sahkal self-assigned this Oct 27, 2025
@sahkal sahkal changed the title add click to pay support for modular authentication feat(authentication): add click to pay support for modular authentication Oct 27, 2025
@sahkal sahkal marked this pull request as ready for review October 27, 2025 07:19
@sahkal sahkal requested review from a team as code owners October 27, 2025 07:19
@hyperswitch-bot hyperswitch-bot bot added the M-api-contract-changes Metadata: This PR involves API contract changes label Oct 27, 2025
@sahkal sahkal added this to the July 2025 Release milestone Oct 27, 2025
sai-harsha-vardhan
sai-harsha-vardhan reviewed Oct 29, 2025
View reviewed changes
apoorvdixit88
apoorvdixit88 previously approved these changes Nov 4, 2025
View reviewed changes
Copy link
Contributor

@apoorvdixit88 apoorvdixit88 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks fine from dashboard side.

@Gnanasundari24 Gnanasundari24 added this pull request to the merge queue Nov 5, 2025
Merged via the queue into main with commit e0538de Nov 5, 2025
29 of 31 checks passed
@Gnanasundari24 Gnanasundari24 deleted the 11623-add-session-and-post-authentication-call-for-modular-auth branch November 5, 2025 07:23
aadityaguptaa pushed a commit that referenced this pull request Nov 10, 2025
@sahkal @aadityaguptaa
feat(authentication): add click to pay support for modular authentica…
66140ea 
…tion (#10004)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sai-harsha-vardhan sai-harsha-vardhan sai-harsha-vardhan approved these changes

@apoorvdixit88 apoorvdixit88 apoorvdixit88 approved these changes

Assignees

@sahkal sahkal

Labels

M-api-contract-changes Metadata: This PR involves API contract changes M-database-changes Metadata: This PR involves database schema changes

Projects

None yet

Milestone

July 2025 Release

Development

Successfully merging this pull request may close these issues.

4 participants

@sahkal @sai-harsha-vardhan @apoorvdixit88 @Gnanasundari24